T-Mobile really wants Sprint customers to move their phones to the T-Mobile network. As part of that, they offer free SIM cards to Sprint customers upon logging in to their account. It turns out, however, that the website doesn’t actually limit the number of orders that can be placed.
A user over on the r/tmobile Discord server discovered the exploit after the website continually asked them to order a free SIM.
They then used this discovery to place multiple orders over the course of a few weeks. By default, the order form auto-filled a quantity of one. However, the user found a method to increase that quantity to a maximum of 6.
“I can now order 6 at a time, with free overnight shipping, as many times as I want, for free, because… idk I guess I’ll become the community SIM hoarder.”
Over the course of a week or so, the user ordered constantly during the day. They kept the Sprint website open while working at their job, and ordered every few minutes. The packages began arriving.
Eventually, even more packages began piling up outside their door. A lot more.
Then one day, the user found that their Sprint account’s online access had been suspended. When they contacted T-Mobile, they were put through to an employee from Sprint Executive Care. Surprisingly, it turns out the suspension wasn’t due to the quantity of SIMs being ordered, but to the speed at which the orders were being placed.
“Basically, I got another rep for Sprint, they said my account is locked out for fraud but I’m not in trouble, he reiterated that these cards are free to order and there is no limit on how many one customer can order, but the reason my account is under fraud suspicion is because orders were placed back to back so quickly that it didn’t look like a human being was doing it, they thought it was some kind of scripted activity by a bot.”
Support then unsuspended the user’s account and even encouraged them to continue if they wanted. The user decided to stop at this point, though, simply due to the potential inconvenience of having their online access suspended and needing to request it be restored.
“He said I don’t need to return the SIM cards, and I may still order more if I wish once my account is restored, but in his personal opinion this is the strangest situation he’s ever seen. I’m not going to [continue ordering] because it’s a major inconvenience to lose access to my online account for a week at a time.”
What was the end result of all those orders? The customer still isn’t done unboxing every single SIM, but they estimate that the total number of SIMs they ordered was a whopping 5,190. That’s a lot of spare SIM cards.
A different user on the Discord mentioned that the SIM cards are likely specific to Sprint-to-T-Mobile migrations, and are a bit different from the ones for standard T-Mobile customers. Apparently, using these particular SIMs for something other than a network migration may cause issues for existing T-Mobile customers and devices.
It’s also worth noting that each order offered free overnight shipping, and that’s quite a cost for T-Mobile. Even assuming a generously low discounted corporate rate of about $2.50 per package, that adds up to about $13,000 in shipping costs.
It’s likely T-Mobile will close this exploit soon, but if you’re a Sprint customer that has yet to switch their SIM, you might be able to get a few spares if you want.